FBI OpenBSD crypto Backdoors
From Cryptome. This is the year…See Something, Say Something! Let Freedom Ring in 2012!
From: Gregory Perry <gregory.perry[at]govirtual.tv>
Subject: Follow up to OpenBSD Crypto Framework Backdoors Thread
Date: Thu, 12 Jan 2012 01:57:39 +0000
Here is a follow up to the FBI / OpenBSD / OCF encryption backdoors thread as promised. We had a three alarm fire at our house over the Christmas holidays and I am just now getting plugged back in.
At ~1997 or thereabouts, the FBI approached a fellow by the name of Lew Jenkins, the Chairman and CEO of Premenos Technology Corp., about their development of an Electronic Data Interchange (EDI) software suite used for corp-to-corp EDI transactions called "Templar".
At that point in time encryption technology (especially public key encryption algorithms) was still considered munitions by the United States government, and presumably the FBI was interested in Premenos research related to key escrow and session recovery of RSA-encrypted communication sessions.
A portion of Mr. Jenkins' research was conducted with an Ecuadorian national that provided Premenos with at least one mathematical vulnerability in the RSA encryption algorithm related to changing the base numbering system of the resulting RSA modulus after a block of plaintext had been encrypted. Mr. Jenkins and Premenos also maintained extensive contacts with the Crown of England, including prominent English Lords involved with Internet communications technology.
One of the investors in Premenos was a fellow by the name of Ross Pirasteh, who was either the Prime Minister of Finance for the Shah of Iran or actually the Shah of Iran himself. As the story goes, Ross and his family were snuck out of Iran rolled up in Persian rugs just prior to or during the 1979 revolution headed by Ayatollah Ruhollah Khomeini; once Ross and his family emigrated to the United States, the FBI gave him and his family new identities for obvious reasons. I initially met Ross in the early 90s from a GPS-based automobile tracking project (nonmilitary-grade GPS), and in 1995 I gave him some information about Templar and he became an investor in Premenos shortly thereafter.
In 1999 I co-founded a computer security engineering firm with Ken Ammon and Jerry Harold, Network Security Technologies Inc. (NETSEC). Ken was the CEO, Jerry was the COO, I was the CTO. Ken and Jerry were high rank and file ex-NSA InfoSec employees and had extensive contacts in the DoD and federal government; we offered managed network security, penetration testing, vulnerability analysis, and reverse engineering services to the federal government and private sector.
NETSEC's first investor was Ross Pirasteh; he provided a bridge loan to get the company started. The first friends, family, fools round of Preferred A investment was via a Boca Raton angel syndicate that I believe Ross had introduced to Ken and his wife, but I was not privy to those details.
Our first intended product was an ATM-based high speed embedded network security appliance that was to be placed on customer networks for remote network protocol analysis, surveillance, and intrusion detection and prevention. Each hardware appliance would be monitored from a cryptographically accelerated encrypted VPN tunnel from the NETSEC NOC, and I designed the initial NOC prototype and network management system. For the embedded hardware appliance development and contract manufacturing process, I hired Doug Bostrom and Wayne Mitzen, two very talented EE-types that had worked for Ross at a previous venture in Boston related to wireless telemetry (for example, U.S. Patent 6,208,266).
During that development effort I approached Theo de Raadt of the OpenBSD project about funding and implementing real-time preemptive POSIX-compliant threads capability to the OpenBSD operating system, instead of using a VxWorks RTOS due to Wind River's exorbitant licensing costs (OpenBSD and the BSD license were free and unencumbered of patents). NETSEC provided the OpenBSD Project with hardware and funding to implement the beginning stages of the OpenBSD Cryptographic Framework, based on a HiFN line of cryptographic accelerators that were eventually worked into the OpenBSD kernel and OCF (our first choice was BroadCom, but Ken had connections at HiFN so that was the initial chipset used with the OCF). x86-based hardware in the late 90s simply could not handle the computational effort required for high speed FIPS 140-1 and FIPS 140-2 compliant DES and 3DES encryption, so a dedicated crypto processor was needed to support ATM+ wire speeds.
Shortly thereafter, NETSEC started a project with the GSA called the GSA Technical Support Center. The GSA Technical Support Center was a joint FBI and DoD collaboration to provide reverse engineering and cryptanalytic services to federal government and military components. The project lead was FBI executive Ron Bitner (or at least that's the name he gave me), and the GSA representative tasked with funding the project was Dave Jarrell. When I started working on the project I voiced concerns to Ken about the demarcation point between the FBI and DoD (or lack thereof), which at the time was a fairly egregious violation of the Posse Comitatus Act. Ken's answer was that Multi Level Security (MLS) systems such as Trusted Solaris would be used to share information of varying classification levels between the FBI and DoD to preserve the age old separation between the military and civil government, but I saw the proverbial writing on the wall and didn't want to participate in the project any longer.
Later in the year I resigned my position at NETSEC during a company-wide meeting, and went on to start an embedded wireless bandwidth management company. I had a two year non-compete with NETSEC so I couldn't work in security any longer at that time.
Obviously there is a lot more to this story than a one page synopsis, but I think what is important to make mention of is the close nexus between supposedly unfriendly governments such as Iran and the US. In 1995 the FBI was adamantly against any relaxation of encryption export regulations, yet they did an abrupt about-face on the issue in 1999 (for example,
I personally believe that the FBI, or at least certain officials within the administration at that time, willingly advocated the relaxation of encryption export regulations only due to their discovery of critical vulnerabilities and weaknesses in the RSA encryption algorithm not exhibited by the predominant public key encryption method used at the time which was Diffie-Hellman. Of equal interest was RSA Security's decision to not pursue an extension of the RSA patent after its 20-year expiration, which they could have easily obtained on national security grounds. They simply waived their rights and let RSA become an open and public domain standard despite their significant revenues in licensing of the RSA encryption algorithm in the USA based on U.S. Patent 4,405,829.
If any of this conjecture is the case, then it could reasonably be said that the FBI intentionally - and very seriously - weakened the United States critical infrastructure and our military capabilities by advocating the use of a fundamentally weak encryption algorithm as a tradeoff between US National Security and their need to observe domestic communications in the United States. This of course has serious implications for any technology predicated upon the RSA encryption algorithm and its progeny, such as military grade GPS which uses RSA for weapons targeting, military smart card technology such as the Common Access Card, commercial smart card technologies used in RFID and contactless payment solutions, etc. Most of these standards are now literally set in stone insofar as embedded systems are concerned, and the vast majority of OpenBSD / OCF installations are embedded-based without an upgrade path due to the small footprint of OpenBSD and the BSD licensing scheme used by the OpenBSD project. Literally millions (and potentially hundreds of millions) of OpenBSD installations are out there in the embedded space such as routers, firewalls, VPN devices etc, and this goes without mentioning the many other operating systems that have incorporated the OpenBSD OCF and PF firewalling stack without any audit of the source code based on the security and reputation inherent to the OpenBSD Project.
Let me know if you have any other questions, and Happy 2012 to you and Cryptome.
Corrected subject, this nut job is accusing crypto backdoors, not PF. This new claim isn't even specific to OpenBSD, now he claims RSA as a whole is flawed (which would impact every vendor). And stating there are millions if not hundreds of millions of OpenBSD boxes out there? Exceptionally doubtful there are millions, and there definitely aren't hundreds of millions, OpenBSD is relatively obscure and that would make it one of the most widely deployed OSes in the world. The guy just continues to make ridiculous claims.
Well, maybe not all of his claims are ridiculous and you'll note in his last paragraph, he states, "If any of this conjecture is the case…"
There are numerous articles on the web by researchers in the crypto field who are also implying that there could conceivably be back-doors built into the RSA encryption algorithm based on something called "a constant".
Not that it should reflect badly on anything PF or BSD, but it is good to be AWARE that the possibility does exist, that the relaxation of export restrictions on Encryption may not entirely be a good will gesture without some sort of back-door being available for government snooping, which only makes sense.
After all, we've seen all sorts of whistle-blowers come forward to reveal everything from the Israeli based equipment take-over of the NSA, to the back-room infrastructure wire-taps at AT&T, to the Europeans fining Microsoft massive fines and determining that the Windows software, "amounts to a bugging device", and based on DoD documents, WWW in their nomenclature stands for World-Wide-Wiretap.
So, don't sit back in your chair, and clasp your hands behind your head with that big smile just yet, at least when it comes to online encrypted communication.
Yesterday, I read a court ruling, involving a PGP encrypted laptop that was seized by the FBI. Incredibly ludicrous, the Judge ruled that Americans can be forced...read that...FORCED, to reveal the password to decrypt their information. Well, I'm no lawyer, but I know enough to know that no law can compel another Human Being or "Force" you to give up your right to not incriminate yourself...that's just not natural.
So, PGP works so well, that the FBI can't crack it? Or....they're getting ready to crack down and make illegal encryption programs such as PGP and the like, just like they're trying to do now with the Internet through SOPA, PIPA, ACTA, etc, etc...
The guy went from "The FBI back doored crypto in OpenBSD", which has been extensively investigated and found to have no basis in reality, to "maybe there is a security weakness in a crypto algorithm". Nothing he says should have any merit at that point, besides all the other nonsensical drivel there ("embedded-based without an upgrade path due to the small footprint of OpenBSD and the BSD licensing scheme" huh? none of that is remotely true).
No question there could potentially be crypto weaknesses in any crypto algorithm that are only known by a select few. Judging by his proven lack of credibility, this guy would be the last to let the world know.
You're way too far into conspiracy theory territory there. Yes, the US government is going to outlaw every crypto algorithm they can't break. ::) Good luck with that.
It would be a welcome relief if what was said, other than what you highlighted about OpenBSD and embedded systems, was in fact, a conspiracy theory. The facts are there for anyone to research and read for themselves. I assure you…I don't do conspiracy theories.
https://www.youtube.com/watch?v=hI_k9Xt00YE - Israeli based equipment in use by the NSA and installed at AT&T and Verizon. Democracy Now.
https://www.youtube.com/watch?v=2Ouv1G_uVFw - World Wide Wiretap. DARPA, SOPA, PIPA and Internet Freedom - From WPIX Channel 11
These links do not represent the entirety on the subject, but merely as a demonstration, that this is no conspiracy.
Not surprisingly, I could not find one reference to the determination by the EU that M$ Windows can be construed as a "bugging device". I did find some articles removed as a result of DMCA Copyright Complaints…hmmm. Nonetheless, it was so said and so found and as a result, M$ was fined 1.4 Billion for violating EU Anti-Trust laws in addition.
There is indeed widespread wire tapping including without warrants, of Internet and anything else, that doesn't equate to crypto back doors though, or any kind of push to make strong crypto illegal.
With the amount of review of every cipher believed to be cryptographically sound, including by a whole lot of very strong cryptographers who have no ties to government and would publicly release for notoriety and the sake of crypto itself, I seriously doubt if there are any back doors. It's possible there are significant weaknesses known only to a select few, just exceptionally unlikely.